Vendor
: Check Point
Exam Code : 156-215.76
Version: Demo
Cheat-Test, help you pass any IT exam!
Cheat-Test.com - The Worldwide Renowned IT Certification Material Provider! The safer, easier way to help you pass any IT Certification exams.
We provide high quality IT Certification exams practice questions and answers (Q&A). Especially Cisco, Microsoft, HP, IBM, Oracle, CompTIA, Adobe, Apple, Citrix, EMC, Isaca, Avaya, SAP and so on. And help you pass an IT Certification exams at the first try.
Cheat-Test product Features: •
Verified Answers Researched by Industry Experts
•
Questions updated on regular basis
•
Like actual certification exams our product is in multiple-choice questions (MCQs).
•
Our questions and answers are backed by our GUARANTEE.
7x24 online customer service: contact@cheat-test.com
Click Here to get more Free Cheat-Test Certification exams!
http://www.Cheat-Test.com
Q: 1 You install and deploy GAiA with default settings. You allow Visitor Mode in the Gateway object's Remote Access properties and install policy; but SecureClient refuses to connect. What is the cause of this? A. Set Visitor Mode in Policy > Global Properties > Remote-Access > VPN - Advanced. B. Office mode is not configured. C. You need to start SSL Network Extender first, then use Visitor Mode. D. The WebUI on GAiA runs on port 443 (HTTPS). When you configure Visitor Mode it cannot bind to default port 443, because it's used by another program (WebUI). You need to change the WebUI port, or run Visitor Mode on a different port. Answer: D Q: 2 Where does the security administrator activate Identity Awareness within SmartDashboard? A. LDAP Server Object > General Properties B. Gateway Object > General Properties C. Policy > Global Properties > Identity Awareness D. Security Management Server > Identity Awareness Answer: B Q: 3 Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R76 Firewall Rule Base. To make this scenario work, the IT administrator must: 1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources. 2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected. 3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action. Ms. McHanry tries to access the resource but is unable. What should she do? A. Have the security administrator select the Action field of the Firewall Rule "Redirect HTTP connections to an authentication (captive) portal" B. Install the Identity Awareness agent on her iPad C. Have the security administrator reboot the firewall D. Have the security administrator select Any for the Machines tab in the appropriate Access Role Answer: A Q: 4 How are cached usernames and passwords cleared from the memory of a R76 Security Gateway? A. By retrieving LDAP user information using the command fw fetchldap. B. By installing a Security Policy. C. By using the Clear User Cache button in SmartDashboard. D. Usernames and passwords only clear from memory after they time out. Answer: B Q: 5
All R76 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication? A. RLOGIN B. HTTP C. SMTP D. FTP Answer: C Q: 6 Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so? A. She needs to edit /etc/scpusers and add the Standard Mode account. B. She needs to run sysconfig and restart the SSH process. C. She needs to run cpconfig to enable the ability to SCP files. D. She needs to edit /etc/SSHd/SSHd_config and add the Standard Mode account. Answer: A Q: 7 Which R76 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway? A. SmartView Server B. SmartView Tracker C. None, SmartConsole applications only communicate with the Security Management Server. D. SmartUpdate Answer: B Q: 8 A Security Policy installed by another Security Administrator has blocked all SmartDashboard connections to the stand-alone installation of R76. After running the command fw unloadlocal, you are able to reconnect with SmartDashboard and view all changes. Which of the following change is the most likely cause of the block? A. A Stealth Rule has been configured for the R76 Gateway. B. The Gateway Object representing your Gateway was configured as an Externally Managed VPN Gateway. C. The Security Policy installed to the Gateway had no rules in it. D. The Allow Control Connections setting in Policy > Global Properties has been unchecked. Answer: D Q: 9 You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it? A. 2, 1, 3, 4, 5 8. 2, 3, 4, 5, 1 c. 1, 3, 2, 4, 5 D. 2, 3, 4, 1, 5 Answer: A
Q: 10 You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout? A. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo. B. Log in as the default user expert and start cpinfo. C. No action is needed because cpshell has a timeout of one hour by default. D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo. Answer: A